The Personal Data Eco-System (diagram by Iain Henderson and Drummond Reed)

Another reason I really love Twitter: It takes you places you might never have found on your own. Take a recent post by xmlgrrl, a.k.a. Eve Maler of Sun Microsystems, a terse pointer to a posting by Iain Henderson of Mydex on rightsideup.net entitled “The Personal Data Eco-System” which provides by far the best theoretical overview that I, at least, have seen on the true nature and function of personal data.

The text is an abstract of a session Ian and his pal Drummond Reed of Concordance, who is also a trustee of identitycommons, held at a recent West Coast VRM Workshop and which is also intended as an introduction to the Kantara workgroup where they hope to explore these scenarios more deeply. The focus of the piece is on what Iain and Drummond describe as “Personal Data Stores”, a slightly confusing term for a kind of data warehouse in which to store all the personal data available about me (or you) so that it can be used for anything from paying a credit card bill to scheduling a doctor’s appointment or even planning a home move.

But where it gets really exciting is when the two start to discuss what kind of data there is about me (or you) , what the relationship is between the different kinds of data and how they interact. Basically, they divide all personal data into five categories:

• My Data (information about me that I, and only I, own and control)
• Your Data (information about me that someone else – e.g. an organization or the government – owns and controls)
• Our Data (information about me that is accessible to both me and them, e.g. buyer and seller)
• Their Data (information about me that is owned and sold by third parties such as a credit card company)
• Everybody’s Data (information about me that is in the public domain, e.g. my postal address or an electoral roll)

Iain and Reed have created the absolutely fascinating flower-like Venn diagram pictured above explaining how and where these separate sorts of data intersect to create what they describe as a “Basic Identifier Set” in the middle. This for them is the “core personal identity data and they believe it will enable a working “personal identity eco-system” for providing services and ensuring transactions sometime in the future, with the individual functioning as the “un-knowing point of integration” of data about themselves.

They describe in detail the various dynamic flows of data between the different categories, such as from My Data to Your Data where individuals provide information about themselves under certain conditions (think the “tick boxes” on web forms indicating whether I want to receive your newsletter if I buy your product) or from Your Data to Their Data as an organization shares information about me with another organization, something which can happen legally (as in identity federation) or illegally (then it’s called identity theft).

I find the Henderson/Reed Diagram an extremely illuminating intellectual achievement since it illustrates the huge complexity involved in addressing issues of identity, both digital and analog. I’m not so sure whether I agree with Iain’s conclusion and forecast that over time (“in 10 years”) some 80% of customer management processes will be driven from a “My Data” perspective. He argues that the rush for user-generated content, as well as economic reasons, will cause organizations to move to a user-controlled model of identity management.

Well, I’ve been around long enough to know you can multiply a given prognosis involving a ten-year timeframe by a factor of between two and ten and still wind up way out in left field. But I do think they are right in assuming that there is a business case for moving towards user-controlled identity. Whether it will be, as they suggest, that allowing a vendor to mine my Personal Data Store for my consumer habits, and especially my buying intentions, will be incentive enough, or whether the prevalent model will be a simple upfront deal – give me your personal information and I will give you a rebate or cash in hand – I don’t know, but until we find out it might be a good idea to contenplate the wonderfully symmetric flower petals of the identity eco-system diagram and ponder it’s implications.

Just got back from my favorite neighborhood watering hole in Munich, the Cafe Wienerplatz, where I met with Soeren von Varchmin, who recently moved in next door after spending a few years in Seattle.

Soeren is VP SaaS at Parallels, a company that describes itself as “worldwide leader in virtualization and automation software that optimizes computing for consumers, businesses and providers”. His job is to bring together Internet Providers and Services Providers (ISVs) by providing a common plattform to provision, manage and integrate applications and services over the Internet. His vision is to create a large-scale cloud computing ecosystem where software vendors and cloud operators together deliver a wide variety of services to businesses and consumers.

To achieve this goal, Parallels has written what they call the “Application Packaging Standard” (APS) which they describe as a new application packaging format designed to help implement a Software-as-a-Service (SaaS) business model. I guess you could call is “SaaS 2.0″ (or maybe “ASP x.0″), because it enables almost all industry hosting providers – Parallels’ traditional customer base – to team up with almost any application provider to offer their apps as a rental web service.

Once packaged in the APS format – basically just an XML feed – by a software vendor, an application can be easily “plugged” into an infrastructure of any hosting provider that implemented the standard “socket” for the APS applications.

Soeren thinks this is a real win-win situation, since it gives hosting providers a new, higher-value business model while providing a new distribution channel for ISVs. Parallels is touting their standard as an open plattform, and rumor has it that they will be founding a non-profit organization to push the specification in the public domain., so check out their website at www.apsstandard.org for updates.

Read the rest of this entry »